Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp-eventmanager wp event manager vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-24810
The WP Event Manager WordPress plugin prior to 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Wp-eventmanager Wp Event Manager
5.4
CVSSv3
CVE-2023-52118
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP User Profile Avatar allows Stored XSS.This issue affects WP User Profile Avatar: from n/a up to and including 1.0.
Wp-eventmanager Wp Event Manager
5.4
CVSSv3
CVE-2023-49181
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce allows Stored XSS.This issue affects WP Event Manager – Ev...
Wp-eventmanager Wp Event Manager
4.8
CVSSv3
CVE-2023-4423
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.1.37.1 due to insufficient input sanitization and output escaping. T...
Wp-eventmanager Wp Event Manager
6.1
CVSSv3
CVE-2022-1474
The WP Event Manager WordPress plugin prior to 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting
Wp-eventmanager Wp Event Manager
6.1
CVSSv3
CVE-2023-47697
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin <= 3.1.39 versions.
Wp-eventmanager Wp Event Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started